Lab: SQL injection vulnerability allowing login bypass
This lab contains an SQL injection vulnerability in the login function.
To solve the lab, perform an SQL injection attack that logs in to the application as the
- Use Burp Suite to intercept and modify the login request.
usernameparameter, giving it the value: